﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

namespace JKDD.Patient
{
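    /// <summary>
    /// Code-behind for the patient login page. Checks the terms-of-service
    /// choice, the required fields and the verification code, then looks the
    /// patient up in TB_PATIENT_INFO and redirects approved accounts
    /// (SSTATUS == "1") to PatientIndex.aspx.
    /// </summary>
    /// <remarks>
    /// Security review notes (none of these can be fully fixed inside this class):
    /// - The lookup is still a string-built SQL statement because
    ///   operateDB.GetDataTable is only seen here taking a finished SQL string.
    ///   Values are quoted through <see cref="SqlLiteral"/> as a stopgap; the
    ///   proper fix is bound parameters inside operateDB.
    /// - The submitted password is compared directly with the SPASSWORD column,
    ///   which suggests passwords are stored unhashed. TODO confirm and migrate
    ///   to a salted password hash.
    /// - The expected verification code is read from Application state, which is
    ///   shared by every visitor of the application rather than being per
    ///   session. TODO confirm where it is written and move it to Session.
    /// - This handler issues no authentication ticket or session marker; the
    ///   identifiers travel to PatientIndex.aspx in the query string.
    ///   NOTE(review): confirm that page does not trust those parameters alone.
    /// </remarks>
    public partial class patientLogin : System.Web.UI.Page
    {
        /// <summary>
        /// On the first (non-postback) request, points the master page's
        /// "logoImg" image at the site logo.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // FindControl returns null when the master page has no such control;
            // skip the logo instead of failing the whole page.
            HtmlImage logo = Master == null ? null : Master.FindControl("logoImg") as HtmlImage;
            if (logo != null)
            {
                logo.Src = "../Include/images/logo.jpg";
            }
        }

        /// <summary>
        /// Handles the login button: validates the form, verifies the
        /// credentials against TB_PATIENT_INFO and redirects on success.
        /// Every failure path writes a message to lblError.
        /// </summary>
        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            if (!rbYes.Checked)
            {
                // "You did not agree to the terms of service."
                RejectLogin("你不同意《健康多点网服务条款》！");
                return;
            }

            // hospital and sections are required on the form but are not part of
            // the credential lookup below.
            string hospital = txtHospital.Text.Trim();
            string sections = txtSections.Text.Trim();
            string doctor = txtDoctor.Text.Trim();
            string number = txtNumber.Text.Trim();
            string pass = txtPass.Text.Trim();
            string secury = txtSecury.Text.Trim();

            // The message names the patient number and the verification code as
            // required too, so they are checked here as well. Rejecting an empty
            // code also stops an empty submission from matching an empty stored code.
            if (hospital.Length == 0 || sections.Length == 0 || doctor.Length == 0
                || number.Length == 0 || pass.Length == 0 || secury.Length == 0)
            {
                // "Doctor, patient number, password and verification code are required."
                RejectLogin("医生或网号或密码或验证码不能为空！");
                return;
            }

            // A missing Application["Code"] entry is treated as a mismatch rather
            // than dereferenced.
            object expectedCode = HttpContext.Current.Application["Code"];
            if (expectedCode == null || secury != expectedCode.ToString())
            {
                // "Verification code is wrong."
                RejectLogin("验证码错误！");
                return;
            }

            // One query is enough: it returns a row only when the credentials
            // match, and that row already carries the approval status.
            string sql = "select SSTATUS from TB_PATIENT_INFO where NPATIENTID=" + SqlLiteral(number)
                + " and SDOCTORID=" + SqlLiteral(doctor)
                + " and SPASSWORD=" + SqlLiteral(pass);

            string status;
            try
            {
                DataTable dt = operateDB.GetDataTable(sql);
                if (dt == null)
                {
                    // "Server error, login is temporarily unavailable."
                    RejectLogin("服务器错误，暂时不能登陆！");
                    return;
                }

                if (dt.Rows.Count == 0)
                {
                    // "Patient number or password is incorrect."
                    RejectLogin("网号或密码不正确！");
                    return;
                }

                status = dt.Rows[0]["SSTATUS"].ToString();
            }
            catch (Exception exc)
            {
                // Record the failure for diagnostics without the SQL text, which
                // contains the submitted password.
                Trace.Warn("patientLogin", "Patient login query failed", exc);

                // "Server error, login is temporarily unavailable."
                RejectLogin("服务器错误，暂时不能登陆！");
                return;
            }

            if (status != "1")
            {
                // "Sorry, your identity has not been approved yet."
                lblError.Text = "对不起，您还没通过身份认证！";
                return;
            }

            // The redirect stays outside the try block: Response.Redirect ends the
            // request by aborting the thread, and a catch-all handler would
            // otherwise observe that as an error. The values are URL-encoded so
            // user input cannot add or alter query-string parameters, and they
            // are the trimmed values that were actually verified.
            Response.Redirect("PatientIndex.aspx?doctorNum=" + HttpUtility.UrlEncode(doctor)
                + "&patientNum=" + HttpUtility.UrlEncode(number));
        }

        /// <summary>
        /// Clears the password box and shows <paramref name="message"/> in lblError.
        /// </summary>
        private void RejectLogin(string message)
        {
            txtPass.Text = "";
            lblError.Text = message;
        }

        /// <summary>
        /// Wraps <paramref name="value"/> in single quotes and doubles any
        /// embedded single quote so the value stays inside the SQL string literal.
        /// </summary>
        /// <remarks>
        /// Stopgap only: it assumes the backend uses standard quote-doubling for
        /// string literals (TODO confirm for the database in use). Replace with
        /// bound parameters once operateDB supports them.
        /// </remarks>
        private static string SqlLiteral(string value)
        {
            return "'" + value.Replace("'", "''") + "'";
        }
    }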
}
